[Soot-list] Data Flow Graph For Java Applaction

Steven Arzt Steven.Arzt at cased.de
Thu Feb 27 12:44:17 EST 2014 

Hi,

 

if you want to perform a precise data flow analysis, I would recommend
taking a look at the FlowDroid tool which is a taint tracker based on Soot.
Instructions on how to obtain FlowDroid are available here:
https://github.com/secure-software-engineering/soot-infoflow-android/wiki
Papers explaining FlowDroid can be found here:
http://sseblog.ec-spride.de/tools/flowdroid/ That should definitely be
easier than implementing your own analysis.

 

Best regards,

  Steven

 

 

M.Sc. M.Sc. Steven Arzt

Secure Software Engineering Group (SSE)

European Center for Security and Privacy by Design (EC SPRIDE) 

Mornewegstraße 32

D-64293 Darmstadt

Phone: +49 61 51 16-75426

Fax: +49 61 51 16-72118

eMail:  <mailto:steven.arzt at ec-spride.de> steven.arzt at ec-spride.de

Web: http://sse.ec-spride.de <http://sse.ec-spride.de/> 

 

 

 

Von: soot-list-bounces at sable.mcgill.ca
[mailto:soot-list-bounces at sable.mcgill.ca] Im Auftrag von Guru Devanla
Gesendet: Donnerstag, 27. Februar 2014 04:22
An: Ibrahim Elgendy; Soot list
Betreff: Re: [Soot-list] Data Flow Graph For Java Applaction

 

I assume in your example, the last statement reads y(a).

 

Here are some pointers you can use. I do not have the code handy which can
give you your exact solution. But, here is the pseudo code:

 

//You need to build these structures.

 UnitGraph cfg = new EnhancedUnitGraph(body);

SimpleLocalDefs simpleLocalDefs = new SimpleLocalDefs(cfg);

 

//Unit u => this is the unit which has your local

// l => is the local which is in the unit u

List units = defs.getDefsOfAt(l, u);

 

 

 

1.  You also need a way to extract "l" out of "u". But, that would depend
upon what you are looking for.

2.  In your example, the return value of getDefsOfAt would be the unit [int
a = x(b,c)]. You need to check the presence of method x in that unit. That
can be done using ((Stmt)u).containsInvokeExpr and ((Stmt)u).getInvokeExpr.

 

3. Finally, you might have to recurse step 1 and 2 to handle cases such as

 

int a = x(a,b)

z = a

y(z)

 

 

 

Hope that helps to get you started.

 

-Guru

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

On Wed, Feb 26, 2014 at 3:44 PM, Ibrahim Elgendy <eng.elgendy90 at gmail.com>
wrote:

Hi,

can the soot tool show the data flow dependency?

 

for example

 

class Test{

 

void z(int b,int c){

 

int a=x(b,c);

 

y(x);

 

}

 

}

 

if method x return data that put in variable a

int a=x(b,c);

and method y use this variable x

y(x);

 

the result show that method y depend on method x (there is data dependency
between two method)

 

if soot tool can do that ,can you help me how i can get this data
dependency?if no can you help me how to get it?

 

Thanks

 

-- 
Ibrahem Elgendy
Faculty of computers and information 


_______________________________________________
Soot-list mailing list
Soot-list at sable.mcgill.ca
http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.cs.mcgill.ca/pipermail/soot-list/attachments/20140227/525ba39a/attachment.html

More information about the Soot-list mailing list